mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
75 lines
2.5 KiB
JSON
75 lines
2.5 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2024-54095",
|
|
"ASSIGNER": "productcert@siemens.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 10). The affected application is vulnerable to integer underflow vulnerability which can be triggered while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-191: Integer Underflow (Wrap or Wraparound)",
|
|
"cweId": "CWE-191"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Siemens",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Solid Edge SE2024",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "0",
|
|
"version_value": "V224.0 Update 10"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://cert-portal.siemens.com/productcert/html/ssa-730188.html",
|
|
"refsource": "MISC",
|
|
"name": "https://cert-portal.siemens.com/productcert/html/ssa-730188.html"
|
|
}
|
|
]
|
|
},
|
|
"impact": {
|
|
"cvss": [
|
|
{
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
|
"baseScore": 7.8,
|
|
"baseSeverity": "HIGH"
|
|
}
|
|
]
|
|
}
|
|
} |